﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Xml;
using System.Xml.Linq;
namespace XMLMovieWebsite
{
    public partial class AdminUser : System.Web.UI.Page
    {
         Login objUser = new Login("", "");
         string ConString = ConfigurationManager.ConnectionStrings["ConStringXml"].ConnectionString;
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                objUser = Session["sesLogin"] as Login;
            }
            catch { }
            if (objUser != null )
            {
                if (objUser.IsAdmin == false)
                {
                    Response.Redirect("Default.aspx");
                }
                
            }
            else
            {
                Response.Redirect("Default.aspx");
            }


        }

        protected void DataList1_ItemCommand(object source, DataListCommandEventArgs e)
        {
            if (e.CommandName.Equals("Update"))
            {
                TextBox txt1 = (TextBox)e.Item.FindControl("TextBox1");
                TextBox txt2 = (TextBox)e.Item.FindControl("TextBox2");
                TextBox txt3 = (TextBox)e.Item.FindControl("TextBox3");
                TextBox txt4 = (TextBox)e.Item.FindControl("TextBox4");
                TextBox txt5 = (TextBox)e.Item.FindControl("TextBox5");
                //System.Windows.Forms.MessageBox.Show(txt1.Text + " " + txt2.Text + " " + txt3.Text);
                SqlConnection con = new SqlConnection(ConString);
                SqlCommand cmd = new SqlCommand();
                cmd.Connection = con;
                cmd.CommandText = "Update taikhoan set password=N'"+txt2.Text+"',email=N'"+txt3.Text+"', diachi=N'"+txt4.Text+"' where username='"+txt1.Text+"'   ";
                con.Open();
                cmd.ExecuteNonQuery();
                con.Close();
                DataList1.EditItemIndex = -1;
                DataList1.DataBind();
            }
        }

        protected void DataList1_EditCommand(object source, DataListCommandEventArgs e)
        {
            DataList1.EditItemIndex = e.Item.ItemIndex;
            DataList1.DataBind();
        }

        protected void DataList1_DeleteCommand(object source, DataListCommandEventArgs e)
        {
            System.Windows.Forms.DialogResult dialogResult = System.Windows.Forms.MessageBox.Show("Bạn có chắc muốn xóa", "", System.Windows.Forms.MessageBoxButtons.YesNo);
            if (dialogResult == System.Windows.Forms.DialogResult.Yes)
            {
                Label lb1 = (Label)e.Item.FindControl("Label1");
                SqlConnection con = new SqlConnection(ConString);
                SqlCommand cmd = new SqlCommand();
                cmd.Connection = con;
                cmd.CommandText = " Delete From taikhoan where username='" + lb1.Text+"'";
                con.Open();
                cmd.ExecuteNonQuery();
                con.Close();
                DataList1.DataBind();
            }
            else if (dialogResult == System.Windows.Forms.DialogResult.No)
            {
                //do something else
            }
        }

        protected void DataList1_CancelCommand(object source, DataListCommandEventArgs e)
        {
            DataList1.EditItemIndex = -1;
            DataList1.DataBind();
        }
    }
}